Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nomad_1_5: 1.5.6 -> 1.5.7 #244361

Merged
merged 1 commit into from
Jul 20, 2023
Merged

nomad_1_5: 1.5.6 -> 1.5.7 #244361

merged 1 commit into from
Jul 20, 2023

Conversation

EtienneBruines
Copy link
Contributor

CVE notes from upstream:

Description of changes

https://github.com/hashicorp/nomad/releases/tag/v1.5.7

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@amaxine amaxine added backport release-23.05 1.severity: security Issues which raise a security issue, or PRs that fix one labels Jul 20, 2023
amaxine
amaxine suggested changes Jul 20, 2023
View reviewed changes
Copy link
Contributor

@amaxine amaxine left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please fix the commit message and the accidental indentation change? Otherwise looks good.

@EtienneBruines
Copy link
Contributor Author

@maxeaubrey Thank you for the review! Is this commit message better? Apparently vim cut off the URL halfway because it was too long.

@EtienneBruines EtienneBruines requested a review from amaxine July 20, 2023 08:50
@amaxine amaxine changed the title nomad_1_5: 1.5.6 -> 1.5.7 https://github.com/hashicorp/nomad/releases/tag/v1.5.7 nomad_1_5: 1.5.6 -> 1.5.7 Jul 20, 2023
@EtienneBruines
nomad_1_5: 1.5.6 -> 1.5.7
d345dda 
https://github.com/hashicorp/nomad/releases/tag/v1.5.7

CVE notes from upstream:

acl: Fixed a bug where a namespace ACL policy without label was applied to an unexpected namespace. CVE-2023-3072 [hashicorp/nomad#17908]
search: Fixed a bug where ACL did not filter plugin and variable names in search endpoint. CVE-2023-3300 [hashicorp/nomad#17906]
sentinel (Enterprise): Fixed a bug where ACL tokens could be exfiltrated via Sentinel logs CVE-2023-3299 [hashicorp/nomad#17907]
@EtienneBruines EtienneBruines requested a review from amaxine July 20, 2023 09:15
@amaxine amaxine merged commit 89a0d4a into NixOS:master Jul 20, 2023
@github-actions
Copy link
Contributor

Backport failed for release-23.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin release-23.05
git worktree add -d .worktree/backport-244361-to-release-23.05 origin/release-23.05
cd .worktree/backport-244361-to-release-23.05
git checkout -b backport-244361-to-release-23.05
ancref=$(git merge-base 2d82894fa1e2d23a22f40275a78bfbb09b92ffde d345ddaf65bbada63057752ebf6f2efa58817db3)
git cherry-pick -x $ancref..d345ddaf65bbada63057752ebf6f2efa58817db3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@endocrimes endocrimes Awaiting requested review from endocrimes

@rushmorem rushmorem Awaiting requested review from rushmorem

@techknowlogick techknowlogick Awaiting requested review from techknowlogick

@amaxine amaxine Awaiting requested review from amaxine

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@EtienneBruines @amaxine